Use transactions at the http layer
This commit is contained in:
@@ -19,25 +19,23 @@ class AuthFilter(
|
||||
private val ctx: RequestContexts,
|
||||
private val source: JwtSource = JwtSource.Cookie,
|
||||
private val redirect: Boolean = true,
|
||||
) {
|
||||
operator fun invoke() = Filter { next ->
|
||||
{
|
||||
val token = when (source) {
|
||||
JwtSource.Header -> it.bearerTokenHeader()
|
||||
JwtSource.Cookie -> it.bearerTokenCookie()
|
||||
) : Filter {
|
||||
override fun invoke(next: HttpHandler): HttpHandler = {
|
||||
val token = when (source) {
|
||||
JwtSource.Header -> it.bearerTokenHeader()
|
||||
JwtSource.Cookie -> it.bearerTokenCookie()
|
||||
}
|
||||
val jwtPayload = token?.let { token -> extractor(token) }
|
||||
when {
|
||||
jwtPayload != null -> {
|
||||
ctx[it][authKey] = jwtPayload
|
||||
next(it)
|
||||
}
|
||||
val jwtPayload = token?.let { token -> extractor(token) }
|
||||
when {
|
||||
jwtPayload != null -> {
|
||||
ctx[it][authKey] = jwtPayload
|
||||
next(it)
|
||||
}
|
||||
authType == AuthType.Required -> {
|
||||
if (redirect) Response.redirect("/login")
|
||||
else Response(UNAUTHORIZED)
|
||||
}
|
||||
else -> next(it)
|
||||
authType == AuthType.Required -> {
|
||||
if (redirect) Response.redirect("/login")
|
||||
else Response(UNAUTHORIZED)
|
||||
}
|
||||
else -> next(it)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,32 +2,44 @@ package be.simplenotes.app.filters
|
||||
|
||||
import be.simplenotes.app.extensions.html
|
||||
import be.simplenotes.app.views.ErrorView
|
||||
import be.simplenotes.app.views.ErrorView.Type.*
|
||||
import org.http4k.core.*
|
||||
import org.http4k.core.Status.Companion.INTERNAL_SERVER_ERROR
|
||||
import org.http4k.core.Status.Companion.NOT_FOUND
|
||||
import org.http4k.core.Status.Companion.NOT_IMPLEMENTED
|
||||
import org.http4k.core.Status.Companion.SERVICE_UNAVAILABLE
|
||||
import org.slf4j.LoggerFactory
|
||||
import java.sql.SQLTransientException
|
||||
|
||||
class ErrorFilter(private val errorView: ErrorView) {
|
||||
class ErrorFilter(private val errorView: ErrorView) : Filter {
|
||||
|
||||
private val logger = LoggerFactory.getLogger(javaClass)
|
||||
|
||||
operator fun invoke(): Filter = Filter { next ->
|
||||
{
|
||||
try {
|
||||
val response = next(it)
|
||||
if (response.status == Status.NOT_FOUND) Response(Status.NOT_FOUND)
|
||||
.html(errorView.error(ErrorView.Type.NotFound))
|
||||
else response
|
||||
} catch (e: Exception) {
|
||||
logger.error(e.stackTraceToString())
|
||||
if (e is SQLTransientException)
|
||||
Response(Status.SERVICE_UNAVAILABLE).html(errorView.error(ErrorView.Type.SqlTransientError))
|
||||
.noCache()
|
||||
else
|
||||
Response(Status.INTERNAL_SERVER_ERROR).html(errorView.error(ErrorView.Type.Other)).noCache()
|
||||
} catch (e: NotImplementedError) {
|
||||
logger.error(e.stackTraceToString())
|
||||
Response(Status.NOT_IMPLEMENTED).html(errorView.error(ErrorView.Type.Other)).noCache()
|
||||
}
|
||||
private fun errorResponse(status: Status): Response {
|
||||
val type = when (status) {
|
||||
SERVICE_UNAVAILABLE -> SqlTransientError
|
||||
NOT_FOUND -> NotFound
|
||||
NOT_IMPLEMENTED -> Other
|
||||
else -> Other
|
||||
}
|
||||
|
||||
return Response(status).html(errorView.error(type)).noCache()
|
||||
}
|
||||
|
||||
override fun invoke(next: HttpHandler): HttpHandler = { request ->
|
||||
try {
|
||||
val response = next(request)
|
||||
if (response.status == NOT_FOUND) errorResponse(NOT_FOUND)
|
||||
else response
|
||||
} catch (e: SQLTransientException) {
|
||||
logger.error(e.stackTraceToString())
|
||||
errorResponse(SERVICE_UNAVAILABLE)
|
||||
} catch (e: Exception) {
|
||||
logger.error(e.stackTraceToString())
|
||||
errorResponse(INTERNAL_SERVER_ERROR)
|
||||
} catch (e: NotImplementedError) {
|
||||
logger.error(e.stackTraceToString())
|
||||
errorResponse(NOT_IMPLEMENTED)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,13 +2,10 @@ package be.simplenotes.app.filters
|
||||
|
||||
import org.http4k.core.Filter
|
||||
import org.http4k.core.HttpHandler
|
||||
import org.http4k.core.Method
|
||||
import org.http4k.core.Request
|
||||
|
||||
object ImmutableFilter {
|
||||
operator fun invoke() = Filter { next: HttpHandler ->
|
||||
{ request: Request ->
|
||||
next(request).header("Cache-Control", "public, max-age=31536000, immutable")
|
||||
}
|
||||
object ImmutableFilter : Filter {
|
||||
override fun invoke(next: HttpHandler) = { request: Request ->
|
||||
next(request).header("Cache-Control", "public, max-age=31536000, immutable")
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4,17 +4,15 @@ import org.http4k.core.Filter
|
||||
import org.http4k.core.HttpHandler
|
||||
import org.http4k.core.Request
|
||||
|
||||
object SecurityFilter {
|
||||
operator fun invoke() = Filter { next: HttpHandler ->
|
||||
{ request: Request ->
|
||||
val response = next(request)
|
||||
.header("X-Content-Type-Options", "nosniff")
|
||||
object SecurityFilter : Filter {
|
||||
override fun invoke(next: HttpHandler): HttpHandler = { request: Request ->
|
||||
val response = next(request)
|
||||
.header("X-Content-Type-Options", "nosniff")
|
||||
|
||||
if (response.header("Content-Type")?.contains("text/html") == true) {
|
||||
response
|
||||
.header("Content-Security-Policy", "default-src 'self'")
|
||||
.header("Referrer-Policy", "no-referrer")
|
||||
} else response
|
||||
}
|
||||
if (response.header("Content-Type")?.contains("text/html") == true) {
|
||||
response
|
||||
.header("Content-Security-Policy", "default-src 'self'")
|
||||
.header("Referrer-Policy", "no-referrer")
|
||||
} else response
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,13 @@
|
||||
package be.simplenotes.app.filters
|
||||
|
||||
import me.liuwj.ktorm.database.Database
|
||||
import org.http4k.core.Filter
|
||||
import org.http4k.core.HttpHandler
|
||||
|
||||
class TransactionFilter(private val db: Database) : Filter {
|
||||
override fun invoke(next: HttpHandler): HttpHandler = { request ->
|
||||
db.useTransaction {
|
||||
next(request)
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -5,19 +5,20 @@ import be.simplenotes.app.api.ApiUserController
|
||||
import be.simplenotes.app.filters.AuthFilter
|
||||
import be.simplenotes.app.filters.AuthType
|
||||
import be.simplenotes.app.filters.JwtSource
|
||||
import org.http4k.core.Filter
|
||||
import org.koin.core.qualifier.named
|
||||
import org.koin.dsl.module
|
||||
|
||||
val apiModule = module {
|
||||
single { ApiUserController(get(), get()) }
|
||||
single { ApiNoteController(get(), get()) }
|
||||
single(named("apiAuthFilter")) {
|
||||
single<Filter>(named("apiAuthFilter")) {
|
||||
AuthFilter(
|
||||
extractor = get(),
|
||||
authType = AuthType.Required,
|
||||
ctx = get(),
|
||||
source = JwtSource.Header,
|
||||
redirect = false
|
||||
)()
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4,12 +4,14 @@ import be.simplenotes.app.Server
|
||||
import be.simplenotes.app.filters.AuthFilter
|
||||
import be.simplenotes.app.filters.AuthType
|
||||
import be.simplenotes.app.filters.ErrorFilter
|
||||
import be.simplenotes.app.filters.TransactionFilter
|
||||
import be.simplenotes.app.routes.Router
|
||||
import be.simplenotes.app.utils.StaticFileResolver
|
||||
import be.simplenotes.app.utils.StaticFileResolverImpl
|
||||
import be.simplenotes.app.views.ErrorView
|
||||
import be.simplenotes.shared.config.ServerConfig
|
||||
import org.eclipse.jetty.server.ServerConnector
|
||||
import org.http4k.core.Filter
|
||||
import org.http4k.core.RequestContexts
|
||||
import org.http4k.routing.RoutingHttpHandler
|
||||
import org.http4k.server.ConnectorBuilder
|
||||
@@ -45,14 +47,16 @@ val serverModule = module {
|
||||
get(),
|
||||
requiredAuth = get(AuthType.Required.qualifier),
|
||||
optionalAuth = get(AuthType.Optional.qualifier),
|
||||
errorFilter = get(named("ErrorFilter")),
|
||||
apiAuth = get(named("apiAuthFilter")),
|
||||
get()
|
||||
get(),
|
||||
get(),
|
||||
get(),
|
||||
)()
|
||||
}
|
||||
single { RequestContexts() }
|
||||
single(AuthType.Optional.qualifier) { AuthFilter(get(), AuthType.Optional, get())() }
|
||||
single(AuthType.Required.qualifier) { AuthFilter(get(), AuthType.Required, get())() }
|
||||
single(named("ErrorFilter")) { ErrorFilter(get())() }
|
||||
single<Filter>(AuthType.Optional.qualifier) { AuthFilter(get(), AuthType.Optional, get()) }
|
||||
single<Filter>(AuthType.Required.qualifier) { AuthFilter(get(), AuthType.Required, get()) }
|
||||
single { ErrorFilter(get()) }
|
||||
single { TransactionFilter(get()) }
|
||||
single { ErrorView(get()) }
|
||||
}
|
||||
|
||||
@@ -6,15 +6,14 @@ import be.simplenotes.app.controllers.BaseController
|
||||
import be.simplenotes.app.controllers.NoteController
|
||||
import be.simplenotes.app.controllers.SettingsController
|
||||
import be.simplenotes.app.controllers.UserController
|
||||
import be.simplenotes.app.filters.ImmutableFilter
|
||||
import be.simplenotes.app.filters.SecurityFilter
|
||||
import be.simplenotes.app.filters.jwtPayload
|
||||
import be.simplenotes.app.filters.*
|
||||
import be.simplenotes.domain.security.JwtPayload
|
||||
import org.http4k.core.*
|
||||
import org.http4k.core.Method.*
|
||||
import org.http4k.filter.ResponseFilters
|
||||
import org.http4k.filter.ResponseFilters.GZip
|
||||
import org.http4k.filter.ServerFilters.InitialiseRequestContext
|
||||
import org.http4k.routing.*
|
||||
import org.http4k.routing.ResourceLoader.Companion.Classpath
|
||||
|
||||
class Router(
|
||||
private val baseController: BaseController,
|
||||
@@ -25,24 +24,19 @@ class Router(
|
||||
private val apiNoteController: ApiNoteController,
|
||||
private val requiredAuth: Filter,
|
||||
private val optionalAuth: Filter,
|
||||
private val errorFilter: Filter,
|
||||
private val apiAuth: Filter,
|
||||
private val errorFilter: ErrorFilter,
|
||||
private val transactionFilter: TransactionFilter,
|
||||
private val contexts: RequestContexts,
|
||||
) {
|
||||
operator fun invoke(): RoutingHttpHandler {
|
||||
|
||||
val resourceLoader = ResourceLoader.Classpath(("/static"))
|
||||
val basicRoutes = routes(
|
||||
ImmutableFilter().then(static(resourceLoader, "woff2" to ContentType("font/woff2"))),
|
||||
)
|
||||
val basicRoutes = ImmutableFilter.then(static(Classpath("/static"), "woff2" to ContentType("font/woff2")))
|
||||
|
||||
infix fun PathMethod.public(handler: PublicHandler) = this to { handler(it, it.jwtPayload(contexts)) }
|
||||
infix fun PathMethod.protected(handler: ProtectedHandler) = this to { handler(it, it.jwtPayload(contexts)!!) }
|
||||
|
||||
val publicRoutes: RoutingHttpHandler = routes(
|
||||
val publicRoutes = routes(
|
||||
"/" bind GET public baseController::index,
|
||||
"/register" bind GET public userController::register,
|
||||
"/register" bind POST public userController::register,
|
||||
"/register" bind POST `public transactional` userController::register,
|
||||
"/login" bind GET public userController::login,
|
||||
"/login" bind POST public userController::login,
|
||||
"/logout" bind POST to userController::logout,
|
||||
@@ -51,18 +45,18 @@ class Router(
|
||||
|
||||
val protectedRoutes = routes(
|
||||
"/settings" bind GET protected settingsController::settings,
|
||||
"/settings" bind POST protected settingsController::settings,
|
||||
"/settings" bind POST transactional settingsController::settings,
|
||||
"/export" bind POST protected settingsController::export,
|
||||
"/notes" bind GET protected noteController::list,
|
||||
"/notes" bind POST protected noteController::search,
|
||||
"/notes/new" bind GET protected noteController::new,
|
||||
"/notes/new" bind POST protected noteController::new,
|
||||
"/notes/new" bind POST transactional noteController::new,
|
||||
"/notes/trash" bind GET protected noteController::trash,
|
||||
"/notes/{uuid}" bind GET protected noteController::note,
|
||||
"/notes/{uuid}" bind POST protected noteController::note,
|
||||
"/notes/{uuid}" bind POST transactional noteController::note,
|
||||
"/notes/{uuid}/edit" bind GET protected noteController::edit,
|
||||
"/notes/{uuid}/edit" bind POST protected noteController::edit,
|
||||
"/notes/deleted/{uuid}" bind POST protected noteController::deleted,
|
||||
"/notes/{uuid}/edit" bind POST transactional noteController::edit,
|
||||
"/notes/deleted/{uuid}" bind POST transactional noteController::deleted,
|
||||
)
|
||||
|
||||
val apiRoutes = routes(
|
||||
@@ -71,10 +65,10 @@ class Router(
|
||||
|
||||
val protectedApiRoutes = routes(
|
||||
"/api/notes" bind GET protected apiNoteController::notes,
|
||||
"/api/notes" bind POST protected apiNoteController::createNote,
|
||||
"/api/notes/search" bind POST protected apiNoteController::search,
|
||||
"/api/notes" bind POST transactional apiNoteController::createNote,
|
||||
"/api/notes/search" bind POST transactional apiNoteController::search,
|
||||
"/api/notes/{uuid}" bind GET protected apiNoteController::note,
|
||||
"/api/notes/{uuid}" bind PUT protected apiNoteController::update,
|
||||
"/api/notes/{uuid}" bind PUT transactional apiNoteController::update,
|
||||
)
|
||||
|
||||
val routes = routes(
|
||||
@@ -87,11 +81,23 @@ class Router(
|
||||
|
||||
val globalFilters = errorFilter
|
||||
.then(InitialiseRequestContext(contexts))
|
||||
.then(SecurityFilter())
|
||||
.then(ResponseFilters.GZip())
|
||||
.then(SecurityFilter)
|
||||
.then(GZip())
|
||||
|
||||
return globalFilters.then(routes)
|
||||
}
|
||||
|
||||
private inline infix fun PathMethod.public(crossinline handler: PublicHandler) =
|
||||
this to { handler(it, it.jwtPayload(contexts)) }
|
||||
|
||||
private inline infix fun PathMethod.protected(crossinline handler: ProtectedHandler) =
|
||||
this to { handler(it, it.jwtPayload(contexts)!!) }
|
||||
|
||||
private inline infix fun PathMethod.transactional(crossinline handler: ProtectedHandler) =
|
||||
this to transactionFilter.then { handler(it, it.jwtPayload(contexts)!!) }
|
||||
|
||||
private inline infix fun PathMethod.`public transactional`(crossinline handler: PublicHandler) =
|
||||
this to transactionFilter.then { handler(it, it.jwtPayload(contexts)) }
|
||||
}
|
||||
|
||||
private typealias PublicHandler = (Request, JwtPayload?) -> Response
|
||||
|
||||
Reference in New Issue
Block a user